Skip to content
Deploy

ci(release): support trusted publishing without npm token #4

Sign in to view logs

ci(release): support trusted publishing without npm token

ci(release): support trusted publishing without npm token #4

Workflow file for this run

.github/workflows/deploy.yml at f81610d
name: Deploy
on:
push:
branches: [main]
workflow_dispatch:
permissions:
contents: read
pages: write
id-token: write
packages: write
concurrency:
group: pages
cancel-in-progress: false
jobs:
# ──────────────────────────────────────────────────────────────────────────
# 1. 构建 VitePress → GitHub Pages
#
# VITEPRESS_BASE 优先级:
# 1. repo 变量 vars.VITEPRESS_BASE(Settings > Variables > Actions)
# 2. 兜底自动使用 /<仓库名>/ (e.g. /fishxcode/)
#
# 如果已绑定自定义域名 doc.fishxcode.com,在 repo Variables 设置:
# VITEPRESS_BASE = /
# ──────────────────────────────────────────────────────────────────────────
build-pages:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: oven-sh/setup-bun@v2
with:
bun-version: latest
- uses: actions/cache@v4
with:
path: docs/.vitepress/cache
key: vitepress-${{ runner.os }}-${{ hashFiles('bun.lock') }}-${{ hashFiles('docs/**/*.md', 'docs/.vitepress/config.mts') }}
restore-keys: |
vitepress-${{ runner.os }}-${{ hashFiles('bun.lock') }}-
vitepress-${{ runner.os }}-
- run: bun install --frozen-lockfile
- name: Build (GitHub Pages)
run: bun run docs:build
env:
VITEPRESS_BASE: ${{ vars.VITEPRESS_BASE || format('/{0}/', github.event.repository.name) }}
- uses: actions/upload-pages-artifact@v3
with:
path: docs/.vitepress/dist
# ──────────────────────────────────────────────────────────────────────────
# 2. 部署到 GitHub Pages
# ──────────────────────────────────────────────────────────────────────────
deploy-pages:
needs: build-pages
runs-on: ubuntu-latest
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
steps:
- id: deployment
uses: actions/deploy-pages@v4
# ──────────────────────────────────────────────────────────────────────────
# 3. 构建并推送 Docker 镜像
#
# Docker 始终以 VITEPRESS_BASE=/ 构建,因为 nginx 从根路径服务。
# 借助 bun + VitePress + Docker 层三重缓存,二次构建极快。
# ──────────────────────────────────────────────────────────────────────────
docker:
runs-on: ubuntu-latest
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: oven-sh/setup-bun@v2
with:
bun-version: latest
# 复用与 build-pages 相同的 VitePress 缓存 key
- uses: actions/cache@v4
with:
path: docs/.vitepress/cache
key: vitepress-${{ runner.os }}-${{ hashFiles('bun.lock') }}-${{ hashFiles('docs/**/*.md', 'docs/.vitepress/config.mts') }}
restore-keys: |
vitepress-${{ runner.os }}-${{ hashFiles('bun.lock') }}-
vitepress-${{ runner.os }}-
- run: bun install --frozen-lockfile
- name: Build (Docker, base=/)
run: bun run docs:build
env:
VITEPRESS_BASE: /
- uses: docker/setup-buildx-action@v3
- uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/metadata-action@v5
id: meta
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest
type=sha,prefix=sha-,format=short
- uses: docker/build-push-action@v6
with:
context: .
file: ./Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
cache-from: type=gha
cache-to: type=gha,mode=max